On February 20, Canonical published in a security notice details about OpenSSL vulnerabilities for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems.According to Canonical, several security issues have been fixed in OpenSSL.
It was discovered that OpenSSL incorrectly handled certain crafted CBC data when used with AES-NI. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service.
For a more detailed description of the security problems, you can visit Canonical's security notification.
The security flaws can be fixed if you upgrade your system(s) to the latest libssl package, specific to each distribution. To apply the update, run the Update Manager application.
After a standard system update, you need to reboot your computer to make all the necessary changes.